Access-Control-Allow-Origin

Thought I wanted to collect a list of Access-Control-Allow-Origin fixes when doing Ajax calls

Give Chrome permission:

chrome.exe --allow-file-access-from-files

But you can’t do that on all clients in the world… – source and source

Use crossdomain and jasonp:

$.support.cors = true;
$.ajax({
        type: 'POST',
        url: 'myServer:63373/api/SendData',
        crossdomain: true,
        async: true,
        data: myData,
        dataType: 'jsonp',
        success: function(){}
    });

source

Use callback=?

$.ajax({
        type: 'POST',
        url: 'myServer:63373/api/SendData?callback=?',
        crossdomain: true,
        async: true,
        data: myData,
        success: function(){}
    });

‘?’ is replaced by the ajax callback funtion by jQuery.
Some API’s (e.g. twitter) use jsoncallback=? instead of callback=?
source

Using post shortcut

$.support.cors = true;
$.post('myServer:63373/api/SendData?callback=?', function (data, status, xhr){});

On server

The on the server side, you need to emit the following headers to allow access from the domain that served the page that included your javascript:

Access-Control-Allow-Origin: http://your-page-domain.com
Access-Control-Allow-Credentials: true

source and for .NET MVC and Web API

PhoneGap issues

Other links

ongoing…

The End

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: